<?php

class Login {
    

    private $username;
    private $password;
    

    private $Host;
    private $MySQLUsername;
    private $MySQLPassword;
    private $Database;
    private $Conn;
    

    //Constructor
    public function Login()
    {
        session_start();
        $this->Host = "localhost";
        $this->MySQLUsername = "root";
        $this->MySQLPassword = "";
        $this->Database = "efutsal";

        $this->Connection();
        
        unset($this->Host);
        unset($this->MySQLUsername);
        unset($this->MySQLPassword);
        unset($this->Database);
    }


    public function Connection()
    {
        $this->Conn = @mysql_connect($this->Host,$this->MySQLUsername,$this->MySQLPassword);
        
        if($this->Conn)
        {
            mysql_select_db($this->Database) OR die('Could not select DB');
        }
        else
        {
            die(mysql_error());
        }  
    }
    
    public function Query($sql)
    {
        $result = mysql_query($sql);
        
        if(!$result)
        {
            die(mysql_error());
        }
        
        return $result;
    }
    
    public function Disconnect()
    {
        mysql_close($this->Conn);
    }
    
    //Escapes bad values for MySQL to prevent SQL injections.
    public function EscapeString($badstring)
    {
        if(!get_magic_quotes_gpc())
        {
            $goodstring = addslashes($badstring);
        }
        else
        {
            $goodstring = stripslashes($badstring);
        }
        
        $goodstring = mysql_real_escape_string($badstring);
        
        return $goodstring;
    }
    
    public function EncryptPassword($password)
    {
      return sha1(md5($password));  
    } 
	
    //Check if the user can login
    public function CheckLogin($username,$password)
    {
        
                                                   
        $result = $this->Query("SELECT * FROM `user` WHERE `username` = '$username' AND `password` = '$password' LIMIT 1");
        
        //If we get one result we know the login is right.
        if(mysql_num_rows($result) == 1)
        {
            $this->username = $username;
            $_SESSION['username'] = $username;
            $_SESSION['authorized'] = 1; 
   
            header('location:../page/HOME_L.php');
        }
        else 
        {
			header('location:../page/HOME.php');
        }
            
    }
    //Add a user
	
    public function AddUser($username,$password)
    {
        $username = $this->EscapeString($username);
        $password = $this->EscapeString($this->EncryptPassword($password));
        
        $result = $this->Query("INSERT INTO `users` (username,password) VALUES ('$username','$password')");
    }
    //Takes the result of a query and puts the information into an array
	
    public function Result_To_Array($result)
    {
        $result_array = array();

        for ($i=0; $row = mysql_fetch_array($result); $i++) 
        {
            $result_array[$i] = $row;
        }

        return $result_array;

    }
    //Delete user
	
    public function DeleteUser($username)
    {
        $username = $this->EscapeString($username);
        
        $result = $this->Query("DELETE FROM `user` WHERE `username` = '$username' LIMIT 1");
    
    }
	
    //Checks if the user is authorized or not
    public function IsAuth()
    {
        if(isset($_SESSION['username']) && $_SESSION['authorized'] == 1)
        return true;
        else
        {
            header('../page/HOME.php');
        }    
    }
    //Shows user's IP
    public function GetIP()
    {
        return $_SERVER['REMOTE_ADDR'];
    }
	
    //Display all users
	
    public function ShowUsers()
    {
        $users = $this->Result_To_Array($this->Query("SELECT * FROM `user`"));
        foreach($users as $user)
        {
            echo $user['username']."<br />";
        } 
    }
	
    
    public function LogOut()
    {

         session_destroy();
         
         header('location:../page/SUKSES_LOGOUT.php');
    }
}
?>